If you have the keys but lost the install media, here's the Adobe site to download the older CS suites.
https://helpx.adobe.com/download-install/kb/cs6-product-downloads.html
Friday, November 30, 2018
Wednesday, October 24, 2018
SCCM - Windows Update Agent Compliance Item
This is a script I created to pro-actively detect systems that failed to add the WSUS server settings.
I set the threshold high due to the initial client install will have errors until the client applies the settings.
Most of the time, the fix was to delete the c:\windows\system32\GroupPolicy\Machine\Registry.pol and re-run the actions.
Const ForReading = 1
Set objRegEx = CreateObject("VBScript.RegExp")
objRegEx.Pattern = "Failed to Add Update Source for WUAgent"
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.OpenTextFile("C:\Windows\CCM\Logs\WUAHandler.log", ForReading)
i =0
Do Until objFile.AtEndOfStream
strSearchString = objFile.ReadLine
Set colMatches = objRegEx.Execute(strSearchString)
If colMatches.Count > 0 Then
For Each strMatch in colMatches
i = i + 1
Next
End If
Loop
'Wscript.Echo "Number of failures: " & i
If i > 20 then
Wscript.quit(1)
End If
objFile.Close
I set the threshold high due to the initial client install will have errors until the client applies the settings.
Most of the time, the fix was to delete the c:\windows\system32\GroupPolicy\Machine\Registry.pol and re-run the actions.
Const ForReading = 1
Set objRegEx = CreateObject("VBScript.RegExp")
objRegEx.Pattern = "Failed to Add Update Source for WUAgent"
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.OpenTextFile("C:\Windows\CCM\Logs\WUAHandler.log", ForReading)
i =0
Do Until objFile.AtEndOfStream
strSearchString = objFile.ReadLine
Set colMatches = objRegEx.Execute(strSearchString)
If colMatches.Count > 0 Then
For Each strMatch in colMatches
i = i + 1
Next
End If
Loop
'Wscript.Echo "Number of failures: " & i
If i > 20 then
Wscript.quit(1)
End If
objFile.Close
Monday, September 17, 2018
How to Re-Install SCCM Current Branch Updates
I recently updated it to 1806 and noticed something was missing when the Third Party Software Updates feature wasn't available to enable in the console.
I checked the log file CMUpdate.log in the directory below. There was a lot errors seemingly in validating the files but nothing that I can make out to see what caused why it had the issues.
C:\Program Files\Microsoft Configuration Manager\Logs\
To reinstall the components, you would perform a site reset.
From MS, when a site reset runs at a central administration site or primary site, the site: (https://docs.microsoft.com/en-us/sccm/core/servers/manage/modify-your-infrastructure#bkmk_reset)
The update should be in this directory below and run the splash.hta to bring up the menu.
C:\Program Files\Microsoft Configuration Manager\cd.latest\
Click Next and select the Reset site with no configuration changes.
You can view the log from the View Log button during the progress.
I checked the log file CMUpdate.log in the directory below. There was a lot errors seemingly in validating the files but nothing that I can make out to see what caused why it had the issues.
C:\Program Files\Microsoft Configuration Manager\Logs\
To reinstall the components, you would perform a site reset.
From MS, when a site reset runs at a central administration site or primary site, the site: (https://docs.microsoft.com/en-us/sccm/core/servers/manage/modify-your-infrastructure#bkmk_reset)
- Reapplies the default Configuration Manager file and registry permissions
- Reinstalls all site components and all site system roles at the site
The update should be in this directory below and run the splash.hta to bring up the menu.
C:\Program Files\Microsoft Configuration Manager\cd.latest\
Click Next and select the Reset site with no configuration changes.
You can view the log from the View Log button during the progress.
Monday, August 13, 2018
How to Install the SCCM Admin Console on a System without the Installation Media
I'm using the Microsoft Office 365 virtual lab and want to install it on another VM I created. Unfortunately, this doesn't contain the install media to run the consolesetup.exe.
After some digging on the system, the installer can be found on the SCCM server or other sources could be another computer with the console installed and has been updated.
The directory where the files are found: "C:\Program Files (x86)\ConfigMgr10\AdminconsoleSetup"
In the directory, you'll find some GUID named folders. They will contain the "Adminconsole.msi" or the Console Update.
Depending on which source you get it from, you may have more than one folder containing the "Adminconsole.msi". Install using the newest created date.
After installing the console, run the latest console update from searching the same directory to avoid the console from prompting to update on first launch.
After some digging on the system, the installer can be found on the SCCM server or other sources could be another computer with the console installed and has been updated.
The directory where the files are found: "C:\Program Files (x86)\ConfigMgr10\AdminconsoleSetup"
In the directory, you'll find some GUID named folders. They will contain the "Adminconsole.msi" or the Console Update.
Depending on which source you get it from, you may have more than one folder containing the "Adminconsole.msi". Install using the newest created date.
After installing the console, run the latest console update from searching the same directory to avoid the console from prompting to update on first launch.
Sunday, May 21, 2017
HP Conexant Audio Driver Vulnerability
HP has released a new driver package update to fix the security vulnerability. The debugging has been left on and is essentially logging every keystroke.
If the MicTray.log file exits in C:\Users\Public, it can potentially vulnerable. It should be best to update it if you're unsure. On most machines, I've see this file on, it was blank.
Here's the official link from HP that includes the driver packages to download if your systems is listed as the affected.
https://support.hp.com/in-en/document/c05519670
For G3 and newer generation models it seems this is applicable, haven't seen the other models or newer G4s in our environment to need this.
ftp://ftp.hp.com/pub/softpaq/sp80001-80500/sp80323.exe
Extract the files using 7zip or running the installer, using the command line "Setup.exe -S" to install silent will do it. It doesn't reboot the system but will require a reboot.
You should script this to delete the MicTray.log during the driver update.
After updating, the driver details should be relatively recent.
If the MicTray.log file exits in C:\Users\Public, it can potentially vulnerable. It should be best to update it if you're unsure. On most machines, I've see this file on, it was blank.
Here's the official link from HP that includes the driver packages to download if your systems is listed as the affected.
https://support.hp.com/in-en/document/c05519670
For G3 and newer generation models it seems this is applicable, haven't seen the other models or newer G4s in our environment to need this.
ftp://ftp.hp.com/pub/softpaq/sp80001-80500/sp80323.exe
Extract the files using 7zip or running the installer, using the command line "Setup.exe -S" to install silent will do it. It doesn't reboot the system but will require a reboot.
You should script this to delete the MicTray.log during the driver update.
After updating, the driver details should be relatively recent.
Wednesday, May 17, 2017
SCCM - Intel AMT Vulnerability Report
Here's the Intel guide to mitigating this risk
Intel-SA-0075 Mitigation Guide
1. Unprovision Client - Using their tool Intel ACUConfig Download
ACUConfig.exe UnConfigure
2. Disable or Remove the Service (should also end the process in the script)
sc config LMS start=disabled
sc delete LMS
Here's a report to find the AMT version and Provisioning State
It doesn't include the syntax for the report generated at the bottom
https://communities.intel.com/docs/DOC-5763
Count of Versions
Intel-SA-0075 Mitigation Guide
1. Unprovision Client - Using their tool Intel ACUConfig Download
ACUConfig.exe UnConfigure
2. Disable or Remove the Service (should also end the process in the script)
sc config LMS start=disabled
sc delete LMS
Here's a report to find the AMT version and Provisioning State
It doesn't include the syntax for the report generated at the bottom
https://communities.intel.com/docs/DOC-5763
Count of Versions
SELECT COUNT( v_GS_AMT_AGENT.AMT0) as "Count", v_GS_AMT_AGENT.AMT0
FROM v_GS_AMT_AGENT INNER JOIN
v_R_System ON v_GS_AMT_AGENT.ResourceID = v_R_System.ResourceID
Group by v_GS_AMT_AGENT.AMT0
order by v_GS_AMT_AGENT.AMT0
Report for AMT version and Provisioning State less than 3
Includes model and processor to easier identify what files to download
Includes model and processor to easier identify what files to download
SELECT v_R_System.Name0, v_GS_AMT_AGENT.AMT0, v_GS_AMT_AGENT.ProvisionState0, v_GS_COMPUTER_SYSTEM.Model0, v_GS_PROCESSOR.Name0 AS Expr1
FROM v_GS_AMT_AGENT INNER JOIN
v_R_System ON v_GS_AMT_AGENT.ResourceID = v_R_System.ResourceID INNER JOIN
v_GS_COMPUTER_SYSTEM ON v_R_System.ResourceID = v_GS_COMPUTER_SYSTEM.ResourceID INNER JOIN
v_GS_PROCESSOR ON v_R_System.ResourceID = v_GS_PROCESSOR.ResourceID
WHERE (v_GS_AMT_AGENT.ProvisionState0 < 3)
ORDER BY v_GS_AMT_AGENT.ProvisionState0, Model0
Sunday, May 14, 2017
Windows Update for WannaCrypt Ransonware
The security monthly updates to use are below for the affect systems.
According to MS, Windows 10 is not targeted.
https://www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=Ransom:Win32/WannaCrypt
While this vulnerability is listed as MS17-010, the bulletin for this will fall under the bulletin for the security update.
MS17-008 is the bulletin for the Security Monthly Updates.
KB4012212 for Windows 7, 2008 R2
KB4012213 for Windows 8.1 and 2012 R2
Windows 2008 non-R2 is 4018466 released this month which supersedes MS17-010 (KB4012598) from March 2017.
Released are other updates for out of support OS in the screenshot below for XP, 2003, etc.
According to MS, Windows 10 is not targeted.
https://www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=Ransom:Win32/WannaCrypt
While this vulnerability is listed as MS17-010, the bulletin for this will fall under the bulletin for the security update.
MS17-008 is the bulletin for the Security Monthly Updates.
KB4012212 for Windows 7, 2008 R2
KB4012213 for Windows 8.1 and 2012 R2
Windows 2008 non-R2 is 4018466 released this month which supersedes MS17-010 (KB4012598) from March 2017.
Released are other updates for out of support OS in the screenshot below for XP, 2003, etc.
Subscribe to:
Posts (Atom)